On Thu, 10 Jul 2003, Owen DeLong wrote:
> I have an application where I have a device that will be doing group
> membership queries against my radius server looking for members in
> a group called "foo" of the form "[EMAIL PROTECTED]". Is there any way
> to jury rig radius such that it will:
>
> Only permit @blah.zorp and reject any other @foo.blah.
DEFAULT Realm !~ "blah.zorp", Auth-Type := Reject
>
> Take user from [EMAIL PROTECTED] and look it up in LDAP.
ldap {
[...]
filter = "(uid=%{Stripped-User-Name:-%{User-Name}})"
}
>
> Return True if user is found and fals if usre is not found.
authorize{
ldap {
notfound = return
}
}
Something like this...
>
> If anyone has any handy config examples for how to accomplish this,
> I'd be _VERY_ appreciative.
>
> Thanks,
>
> Owen
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
--
Kostas Kalevras Network Operations Center
[EMAIL PROTECTED] National Technical University of Athens, Greece
Work Phone: +30 210 7721861
'Go back to the shadow' Gandalf
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
